Improper Authentication Vulnerability in Intel SSD DC Products
CVE-2021-33076

6.8MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Ssd Dc
Vendor: CVE Published:; 20 September 2022

Summary

The vulnerability stems from improper authentication mechanisms in the firmware of certain Intel SSD DC products. An unauthenticated user with physical access to the device may exploit this flaw, potentially leading to escalated privileges. This poses significant risks to data integrity and security, especially in environments where sensitive information is stored. Implementing strict physical security measures and updating firmware can mitigate these risks.

Affected Version(s)

Intel(R) SSD DC See references

References

https://www.solidigm.com/content/dam/newco-aem-site/maste...

x_refsource_MISC

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 20, 2022
Vulnerability Reserved
May 18, 2021